plusvid-codedownloader.exe
PlusVid
Phoenix Media
The application plusvid-codedownloader.exe has been detected as adware by 23 anti-malware scanners. Built using the Crossrider web brower toolkit the CodeDownloader component will automatically connnect to the remote API server and download additional code/components for Phoenix Media extension/toolbar. The component makes a number of requests to the host app-static.crossrider.com/plugins/.../monetization/monetizationLoader.js. While running, it connects to the Internet address stats.srvstatsdata.com on port 80 using the HTTP protocol.
File name:
plusvid-codedownloader.exe
Version:
1000.1000.1000.1000
MD5:
0fdeaa6fb5c139436d21c79d0bdead1f
SHA-1:
4986085d8339b8b20c5aad88c53f6c473f1d53e3
Scanner detections:
23 / 68
Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.
Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.
Analysis date:
4/26/2024 7:41:00 AM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Adware.Generic.950360
925
AhnLab V3 Security
PUP/Win32.PlusHD
2014.07.01
Avira AntiVirus
Adware/CrossRider.A.6379
7.11.157.204
avast!
Win32:Adware-gen [Adw]
2014.9-140725
Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.14725
Bitdefender
Adware.Generic.950360
1.0.20.1030
Comodo Security
ApplicUnwnt
18719
Emsisoft Anti-Malware
Adware.Generic.950360
8.14.07.25.10
ESET NOD32
Win32/Toolbar.CrossRider.AJ (variant)
8.10023
Fortinet FortiGate
Riskware/Toolbar_CrossRider
7/25/2014
F-Secure
Adware.Generic.950360
11.2014-25-07_6
G Data
Adware.Generic.950360
14.7.24
K7 AntiVirus
Trojan
13.180.12574
Malwarebytes
PUP.Optional.PlusVid.A
v2014.07.25.10
McAfee
RDN/Generic PUP.x!chn
5600.7059
MicroWorld eScan
Adware.Generic.950360
15.0.0.618
Qihoo 360 Security
Win32/Virus.Adware.51a
1.0.0.1015
Reason Heuristics
PUP.Crossrider.PhoenixMedia.W
14.8.1.0
Trend Micro House Call
TROJ_GEN.R0CBC0OFP14
7.2.206
Trend Micro
TROJ_GEN.R0CBC0OFP14
10.465.25
VIPRE Antivirus
Crossrider
30820
File size:
496 KB (507,904 bytes)
Product version:
1000.1000.1000.1000
Original file name:
PlusVid.exe
File type:
Executable application (Win64 EXE)
Language:
English (United States)
Common path:
C:\Program Files\plusvid\plusvid-codedownloader.exe
The executing file has been seen to make the following network communications in live environments.
http://update.srvstatsdata.com/installer_updates/001743/update.json